Pentagon: 2008 Cyber Breach, Considered the Biggest Ever, Was Caused By a Simple Flash Drive

In the first on-the-record, official recognition that a foreign
intelligence agency infiltrated sensitive U.S. military CentCom networks
in 2008, Deputy Defense Secretary William J. Lynn III has revealed the source of the attack. And it was -- drumroll please -- a flash
drive. A simple flash drive inserted into a military laptop at a
location in the Middle East allowed malicious code to install and
conceal itself on both classified and unclassified servers, opening them
to foreign control.

The acknowledgement that such a simple process set off such an
egregious breach of security highlights not only the danger that cyber
threats pose, but just how fragile sensitive systems -- the systems by
which America makes war -- can be.

In an article today in Foreign Affairs,
Lynn presents new details about the DoD's cyberstrategy as it pertains
to seeking out threats within its own networks, and according to the WaPo he asserts that the Pentagon needs to make efforts to protect important
industry networks as well. That means defending not only protecting
dot-gov and dot-mil networks, but ensuring that private industries
providing critical infrastructure are taking the proper steps to secure
their own networks.

But what the Pentagon learned the hard way is also a timely reminder
for the rest of us as well. Keep in mind that foreign flash drives are
something like sailors during Fleet Week -- there's just no way to know
where they've been or what they've been, ahem, uploading. Be safe out
there.